I'm currently using Swarm to secure my web application, but I think it provides a lot more functionality than I really need. Would simply checking for a User object the session on each page load work as well, or am I overlooking some major security hole? This way, when the user logs in successfully, the session would get a User object, but otherwise it would be null and the application would kick back to the login page.
- Very Simple Security Dane Laverty
- Re: Very Simple Security Martijn Dashorst
- Re: Very Simple Security Maarten Bosteels
